<?php
/**
 * File: util.php
 * Author: Johnny Mom
 * Date: 12/3/2012
 * Description: Utility functions.
 */
 
/**
 * Opens connection to the MySQL database server on the localhost,
 * for the root account, with no password.
 * @return object $conn that has connection data.
 */
function connect( )
{
  //connect to the database server
  $conn = mysqli_connect("localhost", "root", "", "internship2career");
  
  //check connection
  if (mysqli_connect_errno( )) {
    exit("Failed to connect to MySQL" . mysqli_connect_error( ));
  }
  //debug("Database connection", mysqli_get_host_info($conn));
  return $conn;
}

/**
 * Calls var_dump( ) for parameter variable.
 * @param string $msg message outputted before exposing the parameter variable.
 * @param mixed $var has variable that's being examined. 
 */
 
function debug($msg, $var) 
{
  echo "DEBUG $msg: ";
  var_dump($var);
  echo "<br />";
}



/**
 * Prevents cross-site injection and SQL injection.
 * @param string $input has string entered by the user through a form
 * @param object $conn represents connection to MySQL server
 * @return string $input has a modified string from which 
 * escapting symbols, '\' and quotation symbols have been removed (to prevent
 * MySQL injectinon), and HTML tags have been converted to HTML entities.
 */
 
/**function sanitize($conn, $input)
{
  if (get_magic_quotes_gpc( )) {
    $input = stripslashes($input);
  }
  $input = mysqli_real_escape_string($conn, $input);
  $input = htmlentities($input);
  return $input;
} */
?>
